GoDaddy-hjælp

Fix my Drupal site (Drupalgeddon)

If you're here, we're assuming you've been notified of a critical security issue with Drupal, which has been called Drupalgeddon (or Drupageddon). Drupal's issued an announcement about it here, but this article contains the information you need to protect your Drupal site.

In short, this security risk could let attackers install backdoors on your website using a SQL injection. Essentially, this would let attackers target your website's visitors with various maladies, such as malware.

To warn you, this situation is bad and can get complicated. We have protection measures in place to minimize the risk of your site actually being affected, but it's important to proceed as if your site is compromised.

Analyzing Your Situation

The first thing to investigate is the situation you and your site are in.

Procedures

Warning: Before beginning, you must have a backup of your website created before Oct. 15, 2015 at 11pm UTC. Restoring from this backup will revert your site to the state it was at when the backup was taken. It's not ideal, but it's your best bet against passing malware onto your visitors.

If you have only one domain on your hosting account:

Create a backup of your compromised site (more info). We urge you to do this so you do not lose all of your content in case something goes awry.

With backups for each site: You can use the above process, but remove the content from each domain name's root directory, and then restore it using its backups.

Without backups for each site: You should complete the above procedure for your Drupal domain name, but you will still need to use the information in Manually Removing Backdoors for your account's other files.

Warning: Before beginning, you must have a database backup created before Oct. 15, 2015 at 11pm UTC. Restoring from this backup will revert your site to the state it was at when the backup was taken. It's not ideal, but it's your best bet against passing malware onto your visitors.

Create a backup of your compromised database (more info). We urge you to do this so you do not lose all of your content in case something goes awry.

Note your database's name. You will need to recreate a database using the exact same name.

If you do not have a backup of either your website or database (or both), you must manually remove any backdoors from your Drupal installation.

To do this for you, we offer an Expert Service for $79. With this service, we will make our best effort to remove all backdoors using the procedures identified by Drupal. This service does not guarantee your website is free from compromise, but it is as close to compromise-free as you can get (if your Drupal installation wasn't upgraded before the first reported compromises or restored from a backup created before Oct. 15, 2015 at 11pm UTC).

To manually remove any backdoors yourself, use the Drupal-recommended procedure. This procedure is very complicated and requires an advanced understanding of PHP and MySQL. Not all steps listed in the procedure are applicable to shared hosting environments, but completing what you can from this list will provide you the greatest likelihood of removing backdoors from your site.